mirror of
https://github.com/graphql-hive/console
synced 2026-04-21 14:37:17 +00:00
docs(router): Operation Complexity: Max Aliases (#7649)
This commit is contained in:
Arda TANRIKULU
GitHub
parent
88577222d2
commit
54c8d35121
1 changed files with 77 additions and 20 deletions
|
|
@ -5,7 +5,7 @@ title: 'limits'
|
|||
# limits
|
||||
|
||||
The `limits` configuration allows you to set various limits on incoming GraphQL requests to prevent
|
||||
too large queries that could lead to overfetching or DOS attacks.
|
||||
too large operations that could lead to overfetching or DOS attacks.
|
||||
|
||||
[Learn more about operation complexity and why limiting it is important](../security/operation-complexity).
|
||||
|
||||
|
|
@ -21,7 +21,7 @@ depth.
|
|||
|
||||
- **Type:** `integer`
|
||||
|
||||
The maximum allowed depth for incoming GraphQL queries.
|
||||
The maximum allowed depth for incoming GraphQL operations.
|
||||
|
||||
#### `disable_introspection`
|
||||
|
||||
|
|
@ -41,31 +41,43 @@ to explore the schema.
|
|||
|
||||
When set to `true`, the depth calculation will consider fragment spreads as if they were inlined.
|
||||
This provides a more accurate depth measurement, especially when fragments are used extensively in
|
||||
queries.
|
||||
operations.
|
||||
|
||||
### `max_directives`
|
||||
|
||||
This option allows you to set a maximum number of directives allowed in incoming GraphQL queries.
|
||||
Queries that exceed this number will be rejected with an error. If not specified, there is no limit
|
||||
on the number of directives.
|
||||
This option allows you to set a maximum number of directives allowed in incoming GraphQL operations.
|
||||
Operations that exceed this number will be rejected with an error. If not specified, there is no
|
||||
limit on the number of directives.
|
||||
|
||||
#### `n`
|
||||
|
||||
- **Type:** `integer`
|
||||
|
||||
The maximum allowed number of directives in incoming GraphQL queries.
|
||||
The maximum allowed number of directives in incoming GraphQL operations.
|
||||
|
||||
### `max_tokens`
|
||||
|
||||
This option allows you to set a maximum number of tokens allowed in incoming GraphQL queries.
|
||||
Queries that exceed this number will be rejected with an error. If not specified, there is no limit
|
||||
on the number of tokens.
|
||||
This option allows you to set a maximum number of tokens allowed in incoming GraphQL operations.
|
||||
Operations that exceed this number will be rejected with an error. If not specified, there is no
|
||||
limit on the number of tokens.
|
||||
|
||||
#### `n`
|
||||
|
||||
- **Type:** `integer`
|
||||
|
||||
The maximum allowed number of tokens in incoming GraphQL queries.
|
||||
The maximum allowed number of tokens in incoming GraphQL operations.
|
||||
|
||||
### `max_aliases`
|
||||
|
||||
This option allows you to set a maximum number of aliases allowed in incoming GraphQL operations.
|
||||
Operations that exceed this number will be rejected with an error. If not specified, there is no
|
||||
limit on the number of aliases.
|
||||
|
||||
#### `n`
|
||||
|
||||
- **Type:** `integer`
|
||||
|
||||
The maximum allowed number of aliases in incoming GraphQL operations.
|
||||
|
||||
## Examples
|
||||
|
||||
|
|
@ -77,7 +89,7 @@ limits:
|
|||
n: 2
|
||||
```
|
||||
|
||||
In that example, any incoming GraphQL query that exceeds a depth of 2 will be rejected with an
|
||||
In that example, any incoming GraphQL operation that exceeds a depth of 2 will be rejected with an
|
||||
error.
|
||||
|
||||
```graphql
|
||||
|
|
@ -102,8 +114,8 @@ limits:
|
|||
n: 5
|
||||
```
|
||||
|
||||
In that example, any incoming GraphQL query that contains more than 5 directives will be rejected
|
||||
with an error.
|
||||
In that example, any incoming GraphQL operation that contains more than 5 directives will be
|
||||
rejected with an error.
|
||||
|
||||
```graphql
|
||||
query {
|
||||
|
|
@ -117,8 +129,8 @@ query {
|
|||
}
|
||||
```
|
||||
|
||||
The above query contains 4 directives, so it would be accepted. If a query contained more than 5
|
||||
directives, it would be rejected.
|
||||
The above query contains 4 directives, so it would be accepted. If an operation contained more than
|
||||
5 directives, it would be rejected.
|
||||
|
||||
### Limit Tokens to 10
|
||||
|
||||
|
|
@ -128,8 +140,8 @@ limits:
|
|||
n: 10
|
||||
```
|
||||
|
||||
In that example, any incoming GraphQL query that contains more than 10 tokens will be rejected with
|
||||
an error.
|
||||
In that example, any incoming GraphQL operation that contains more than 10 tokens will be rejected
|
||||
with an error.
|
||||
|
||||
```graphql
|
||||
query {
|
||||
|
|
@ -140,5 +152,50 @@ query {
|
|||
}
|
||||
```
|
||||
|
||||
The above query contains 8 tokens, so it would be accepted. If a query contained more than 10
|
||||
tokens, it would be rejected.
|
||||
The above operation contains 8 tokens, so it would be accepted. If an operation contained more than
|
||||
10 tokens, it would be rejected.
|
||||
|
||||
### Limit Aliases to 3
|
||||
|
||||
```yaml filename="router.config.yaml"
|
||||
limits:
|
||||
max_aliases:
|
||||
n: 3
|
||||
```
|
||||
|
||||
In that example, any incoming GraphQL operation that contains more than 3 aliases will be rejected
|
||||
with an error.
|
||||
|
||||
```graphql
|
||||
query {
|
||||
user1: user {
|
||||
id
|
||||
}
|
||||
user2: user {
|
||||
name
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
The above operation contains 2 aliases (`user1` and `user2`), so it would be accepted. If an
|
||||
operation contained more than 3 aliases, it would be rejected.
|
||||
|
||||
```graphql
|
||||
query {
|
||||
user1: user {
|
||||
id
|
||||
}
|
||||
user2: user {
|
||||
name
|
||||
}
|
||||
user3: user {
|
||||
email
|
||||
}
|
||||
user4: user {
|
||||
age
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
The above query contains 4 aliases (`user1`, `user2`, `user3`, and `user4`), so it would be
|
||||
rejected.
|
||||
|
|
|
|||
Loading…
Reference in a new issue